Banking sources indicate there have been brazen violations of Section 17 of the RBI’s Master Direction on KYC norms
That explains the need to re-verify KYC credentials of bank accounts in specific districts, observed bankers
The alarming increase in online frauds in recent times has prompted the regulator to ask commercial banks to shore up monitoring and make know-your-customer (KYC) credentials ironclad before opening accounts in specific districts of concern across the country.
According to bankers, the online fraud which started in Jharkhand’s Jamtara – infamous as India’s phishing capital – a few years back has spread its tentacles to ensnare the gullible in Noida, Gurugram, Mewat, Alwar, and Ahmedabad.
Explaining the modus operandi, bankers said these phishers first open bank accounts via digital methods in one or several banks in different parts of the country using fake or original documents. These are destination accounts to which money is funnelled into after duping genuine bank customers. That explains the need to re-verify KYC credentials of bank accounts in specific districts, observed bankers.
“These scammers have some easy-to-remember calendar dates as their dates of birth like January 1, January 26, or August 15. Most of the accounts opened are in the first name,” said a banker.
Bankers said the home ministry may have received inputs on areas from where these fraudsters operate in and sounded off the regulator on the need for reassessing KYC documentation.
“The regulator has highlighted some jurisdictions where phishing is rampant. It said banks need to be watchful, monitor, insist on inflexible KYC verification, and further re-examine credentials belonging to geographical locations of concern,” said a senior public sector banker.
“The perils of this nature will only increase with increased digitisation, availability of data, and exponential growth of financial technology (tech),” said another senior banker.
A fresh online fraud involving Dhani Loans and Services, formerly known as Indiabulls Consumer Finance – a non-deposit-taking non-banking financial company registered with the Reserve Bank of India (RBI) – came to light on Monday. Unaccounted outstanding loans from Dhani Loans and Services began mysteriously appearing on the credit history of many people who claimed they had never borrowed from the online lender.
These loans were seemingly taken in the past six months using stolen customer details, where only the permanent account number (PAN) was found to be genuine, the complaints lodged by borrowers alleged, indicating large-scale identity theft. Some affected individuals have since approached cybercrime authorities and the RBI, alleging fraud.
Banking sources indicate there have been brazen violations of Section 17 of the RBI’s Master Direction on KYC norms. The directions in that Section govern accounts opened using one-time password (OTP)-based electronic KYC (eKYC) in non-face-to-face mode. KYC verification for accounts opened using eKYC is only for aggregate balance of all deposit accounts of less than Rs 1 lakh.
A spokesperson for Dhani said the company is talking to all complainants and establishing if it is indeed a case of identity theft. If it is, all records in the credit bureaux will be immediately rectified.
“The digital and tech ecosystems are evolving every day, and the industry has been plagued by individuals trying to defraud companies and unsuspecting citizens. While there are many cases of fraudsters taking advantage of people who mistakenly share credentials and OTPs of their own volition, cases of identity theft are on a steady rise. Our risk management and tech teams have been on overdrive, constantly building more robust systems to try and keep such activities at bay,” said the spokesperson.